WhatsApp Spyware

Election is the most important part of any democratic country like us where we the people have the right to elect our government which will safeguard our interests and nation. That is why Democracy is defined as a government of the people, by the people and for the people.
You might have been excited about voting in 2019 General elections which took place from April 11 to May 23 earlier this year and even had WhatsApp conversations with your friends, peers about it but little did you know that your WhatsApp account would be snooped by Pegasus.

What is Pegasus?
Pegasus is a Spyware developed by NSO Group Technologies, an Israel based security company which can be installed in all commonly used Smartphone operating system’s which include iOS, Android, Microsoft based Windows Phone and Samsung’s Tizen.
The Facebook based application has closely worked with Citizen Labs, an interdisciplinary laboratory based at the Munk School of Global Affairs at the University of Toronto, Canada volunteered to identify cases where suspected targets of this attack. Citizen Labs found that the Pegasus had used other ways in the past to infiltrate a target’s device, like getting the target to click on a link using social engineering or using fake package notifications to install the Spyware. The code is transmitted by calling the target phone on WhatsApp. The code enters the phone even if the call is not answered.

So how does it work?
In early May 2019, WhatsApp discovered a Buffer Overflow Vulnerability (CVE-2019-3568) that allowed a Spyware to be installed on user’s phone via the app’s phone call function.The Vulnerability existed in its VOIP Stack which allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number which simply means the hacker can hijack the users WhatsApp application, execute malicious code, eavesdrops on victim’s calls, turns on the microphone and camera, accesses photos, contacts list, calendar events and eventually compromise victim’s device.
According to WhatsApp chief Will Cathcart, “at least 100 human rights defenders, journalists and other members of civil society across the world” have been the victims of this malicious attack.

Versions affected
WhatsApp for Android prior to 2.19. 134
WhatsApp Business for Android prior to v2.19.44
WhatsApp for iOS prior to v2.19.51
WhatsApp Business for iOS prior to v2.19.51
WhatsApp for Windows Phone prior to v2.18.348
WhatsApp for Tizen prior to v2.18.15

What should you do?
– Always use a trustworthy antivirus application on your phone and update it on regular basis
– Make sure you download applications from their official website or from an official store such as Google Play for Android.
– Do not click on links received in SMS on your phone from unknown numbers.
– Open those emails only if you are positive about the Source.
– Regularly backup your critical data stored on your phone
– Make sure you download applications of a reliable app developer. Also check the user ratings and reviews of the app.

Biren Parekh